The General Data Protection Regulation (GDPR) will officially come into effect from May 25th this year. GDPR is something every business must be prepared for: it is the law. We’ve put together a simple guide to help you gain a good understanding of whether your company is actually ready for the big deadline.
You know your data
Who. What. Why. Where. When.
These are the five Ws of data you must consider during GDPR preparation. You need to know whose data you have, what type of data it is, why you have it on file, where it’s stored, and when you acquired it in the first instance.
Data should be categorised accordingly and remain easily accessible, with a specially-assigned individual or team dedicated to overseeing this information at all times.
You need to know your data inside out and back to front before the 25th May – otherwise you could end up with up to a six-figure penalty.
You’ve built a data fortress
According to GDPR laws, those in possession of data are ultimately responsible for its wellbeing. If your system is breached and the information is affected, you’ll have to answer to the authorities – as well as the party to whom the stolen data belongs.
Firewalls and antivirus software aren’t enough anymore. Cyberattacks are smart and sophisticated – you need a multi-layered defence system to keep information completely secure.
If you don’t have a team manning an ever-evolving cybersecurity solution, your data remains at risk – which will cause big problems come May 25th and beyond.
You’ve adjusted and presented your company policy
GDPR also demands policy changes which can differ depending on the size of your business. A company with more than 250 employees, for example, is legally required to have a qualified Data Protection Officer in charge of stored information. The key change, though, is that all businesses must obtain consent from other parties before storing and using their data. This applies to every business regardless of size.
All the policy alterations must be written in plain English and put forward to employees so that everyone is aware of the new rules and what they mean. Staff should be trained and prepared for the emergence of GDPR – as the way they handle data moving forward is a company-wide responsibility.
Don’t panic – Linten can save the day
If you aren’t conforming to all or any of the above, there’s a strong chance your business simply isn’t ready for GDPR. Thankfully, Linten are here to help. We have an in-house GDPR Certified Practitioner who can conduct expert assessments of your business and determine what measures you need to take to ensure compliance.
We work with businesses of all sizes to offer a fast, effective solution, so don’t hesitate to contact the Linten team today on 0161 503 5050. Time is of the essence. The sooner you get in touch, the quicker we can help.